Application Security | News, how-tos, features, reviews, and videos
Threat actors are concealing campaigns to evade detection and establish stronger footholds in compromised systems.
Baffle Manager 2.0 adds REST APIs, secrets store, certificate store, and SSO to fully automate data protection over SaaS workflows.
The new scouting tool for threat hunting and malicious infrastructure analysis promises to level up users’ security operation centers.
The application programming interface (API) has become integral to setting up functionality and flexibility. But they’re also potential attack vectors that need to be high on the security team’s radar.
The threat actor created fake personas on Twitter for researchers at a non-existent security firm.
Software supply chain security vendor claims to have discovered that true, non-agent-based runtime vulnerability analysis is possible by harnessing cloud APIs.
Newly discovered campaign takes advantage of the fact that most vulnerability scanning tools don't read compiled open-source software.
Generative AI chatbots and large language models can be a double-edged swords from a risk perspective, but with proper use they can also improve cybersecurity in key ways
The malicious packages have been downloaded hundreds of times, but the long-term impact is unknown.
OX-GPT plugin promises natural-language security analysis for application security teams.